The host is installed with Couchbase Server 4.0.0 before 7.0.4 and is prone to a http request vulnerability. A flaw is present in the application, which fails to properly handle the issuess in REST API call to the cluster manager. Successful exploitation could allow attackers to send random HTTP requests which leads to leaked metrics.